{"title":"Modified Cryptosystem-Based Authentication Protocol for Internet of Things in Fog Networks","authors":"S. Kanthimathi, R. Sivakami, B. Indira","doi":"10.1002/cpe.70024","DOIUrl":null,"url":null,"PeriodicalId":55214,"journal":{"name":"Concurrency and Computation-Practice & Experience","volume":"37 4-5","pages":""},"PeriodicalIF":1.5000,"publicationDate":"2025-02-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Concurrency and Computation-Practice & Experience","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1002/cpe.70024","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}
Citation count: 0
Abstract
The advanced architecture called fog-driven IoT, positioned between the centralized cloud platform and IoT devices, aims to expand storage, computing, and network capabilities to the Internet edges. This setup ensures that services and resources from fog nodes are easily accessible and in proximity to the end-users and devices, reduces latency, enhances mobility, and provides location awareness. However, despite its benefits, the fog computing paradigm inherits security and privacy issues like those found in cloud computing. These concerns encompass challenges like message replay, impersonation, spoofing, man-in-the-middle attacks, and physical capture of IoT devices, posing potential risks to the system's security and privacy. In order to address these challenges, a new authentication protocol is proposed in this study, which encompasses five key phases: “node registration, fog server registration, node authentication, fog server authentication, and fail-safe authentication.” It begins with nodes registering on fog servers (FSs), establishing a foundation for trust and identity verification. The protocol then scales to authenticate the fog network, which consists of multiple FSs, each of which undergoes authentication within the cloud server, to ensure robustness and reliability across distributed servers. A significant innovation lies in the third phase, where mutual authentication is achieved using the Modified Blowfish (MBF) algorithm, promoting secure communication between FSs and nodes while ensuring stronger encryption and better protection against attacks. The fourth phase extends authentication mechanisms to the FS, in which intra-fog authentication is done by the IKM scheme and inter-fog authentication is done by the IECC mechanism, to manage cryptographic keys effectively within fog nodes and also enhance security in communication between different fog nodes. Additionally, a fail-safe authentication phase provides emergency response capabilities against potential attacks, bolstering the protocol's resilience. The proposed method's performance is validated against other well-known techniques to prove the supremacy of the method. At 75% data variation, the IECC scheme attained a better KCA attack value of 0.152, which surpasses the result of ECC, RSA, Blowfish, Fernet, ElGamal, NTRU, and CP-ABE. This potentially underscores the model's effectiveness in protecting data against known cryptographic vulnerabilities in contrast to other traditional techniques.
Journal introduction:
Concurrency and Computation: Practice and Experience (CCPE) publishes high-quality, original research papers, and authoritative research review papers, in the overlapping fields of:
Parallel and distributed computing;
High-performance computing;
Computational and data science;
Artificial intelligence and machine learning;
Big data applications, algorithms, and systems;
Network science;
Ontologies and semantics;
Security and privacy;
Cloud/edge/fog computing;
Green computing; and
Quantum computing.